sec578 Week 4 midterm latest 2017

Question # 00515264
Posted By: rey_writer
Updated on: 04/21/2017 04:31 AM
Due on: 04/21/2017
Subject: General Questions
Topic: General General Questions

Question

Question 1. (TCO A) According to NIST, a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited is a(n) ______. (Points : 5)
  vulnerability
  threat
  risk
  impact
  danger

Question 2. (TCO B) The expression {(confidentiality, impact), (integrity, impact), (availability, impact)} is an expression called what? (Points : 5)
  Security Risk
  Security Threat
  Security Damage
  Security Category
  INFOCON

Question 3. (TCO C) According to NIST, preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information is called _______. (Points : 5)
  nonrepudiation
  confidentiality
  authorization
  integrity
  availability

Question 4. (TCO F) According to NIST, what is the weakest link in security? (Points : 5)
  Administrative controls
  Technical controls
  Personnel controls
  Physical controls
  People

Question 1. (TCO A) What does it mean to say that information assets are critical business assets? (Points : 5)

Question 2. (TCO B) Explain why the term due care is very rarely used in policy documents. (Points : 5)

Question 3. (TCO C) What are the vulnerabilities that (1) confidentiality controls, (2) integrity controls, and (3) availability controls protect information assets against? (Points : 5)

Question 4. (TCO F) Describe the idea of reuse in the computer systems life cycle. (Points : 5)

Question 1. (TCO A) Reuse is a term that is commonly used to mean that things do not need to be developed each time that they are needed, but rather can be used over and over without redevelopment. Reuse is common in the software and hardware industries. However, one must be careful with reuse. What is a pitfall of the strategy of reuse? (Points : 15)

Question 2. (TCO B) Controlled Unclassified Information is a term invented by the President of the United States in 2008. This new category of information replaces about 150 (or more) existing categories of information and eliminates those over a five-year period. Controlled Unclassified Information is intended to include all of the unclassified information currently addressed by SOX, HIPAA, FERPA, FISMA, GLB, and so forth. When this effort is completed, there will be exactly three categories of Controlled Unclassified Information, which will replace all 150 (or more) current information categories. What is the advantage of reducing the number of categories of unclassified information from the estimated 150 to three? (Points : 15)

Question 3. (TCO C) Today, several security services are increasingly provided as common security services. These include audit and monitoring services, authentication services, access management services, directory services, and a variety of detection, prevention, and mitigation services. What is meant by "common security services" and what advantage and disadvantage do they provide when compared to commodity security controls? (Points : 15)

Question 4. (TCO F) Explain why human errors are considered a threat to computer security. (Points : 15)